Method for synchronizing encryption information between SCell and UE

ABSTRACT

The present application discloses a method for synchronizing encryption information between a SCell and UE, which includes that: the SCell transmits a COUNT value of RB established for the UE to a PCell; the PCell transmits the COUNT value received from the SCell to the UE; and the PCell receives a COUNT value of RB established on the SCell that is saved by the UE from the UE. Or, the SCell and the UE may directly exchange the COUNT value of RB. By the present application, the security and correctness of data can be ensured.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application is a continuation application of prior application Ser.No. 14/758,019, filed on Jun. 26, 2015, which has issued as U.S. Pat.No. 9,736,687 on Aug. 15, 2017 and claimed the benefit under § 365(c),of an International application filed on Dec. 30, 2013 and assignedapplication number PCT/KR2013/012376, which claimed the benefit under 35U.S.C § 119(a) of a Chinese patent application filed on Dec. 28, 2012 inthe State Intellectual Property Office and assigned Serial number201210585571.7, the entire disclosure of which is hereby incorporated byreference

TECHNICAL FIELD

The present application relates to radio communication technologies, andmore particularly to a method for synchronizing encryption informationbetween a Secondary Cell (SCell) and User Equipment (UE).

BACKGROUND ART

Modern mobile communication technology tends to provide high-data-ratemultimedia services for users. FIG. 1 is a schematic diagramillustrating the structure of a System Architecture Evolution (SAE).

In FIG. 1, UE 101 is a terminal device for receiving data. An EvolvedUniversal Terrestrial Radio Access Network (E-UTRAN) 102 is a radioaccess network which includes an eNodeB/NodeB for providing a radionetwork interface for the UE. A Mobile Management Entity (MME) 103 isconfigured to manage mobility contexts, session contexts and securityinformation of the UE. A Serving Gateway (SGW) 104 is configured toprovide functions of a subscriber plane. The MME 103 and the SGW 104 maybe located in the same physical entity. A Packet Gateway (PGW) 105 isconfigured to implement charging and legal monitoring functions. The PGW105 and the SGW 104 may be located in the same physical entity. A Policyand Charging Rules Function (PCRF) 106 is configured to provide QoSpolicies and charging rules. A Service GPRS Supporting Node (SGSN) 108is a network node device for providing routing for data transmission ina Universal Mobile Telecommunications System (UMTS). A Home SubscriberServer (HSS) 109 is a home subsystem of the UE and is configured toprotect user information including the current location of the UE, theaddress of a serving node, user security information and packet datacontexts of the UE.

In current Long Term Evolution (LTE) system, each cell supportsbandwidth of 20 MHz at most. In order to increase the peak rate of UE, aCarrier Aggregation (CA) technology is introduced in a LTE-Advancedsystem. Through the CA technology, the UE may communicate with multiplecells that are managed by the same evolved Node B (eNB) and work ondifferent frequencies, which makes transmission bandwidth up to 100 MHzand doubles the uplink and downlink peak rate of the UE.

In order to increase the transmission bandwidth, one user may be servedby multiple cells, and these cells may be covered by one eNB or multipleeNBs, and thus this technology is called CA technology. FIG. 2 is aschematic diagram illustrating cross-eNB CA. For UE working in the caseof CA, aggregated cells include a Primary Cell (PCell) and a SCell.There is only one PCell, and the PCell is a serving cell and is alwaysin an active state. The PCell can be handed over only through a handoverprocess. The UE transmits and receives Non-Access Stratum (NAS)information only in the PCell, and a Physical Uplink Control Channel(PUCCH) is transmitted only in the PCell.

In a current system, the MME needs to encrypt signalings of non-accesslayer and the eNB needs to encrypt Radio Resource Control (RRC)signalings and data. The MME calculates an initial key (KeNB) andtransmits the KeNB to the eNB. Further, the MME transmits a set ofparameters (Next Hop, called NH for short, and Next Hop Counter, calledNCC for short) to the eNB through a handover message. These parametersmay be used for calculating the KeNB. In an X2 handover process, asource eNB calculates a KeNB used by a destination eNB. The KeNB used bythe destination eNB may be a new KeNB that is generated based on a KeNBcurrently used and referring to the downlink frequency and ProtocolControl Information (PCI) of the destination eNB. This method is calleda horizontal generating method. The KeNB used by the destination eNB mayalso be generated according to the NH and NCC saved by the source eNB.This method is called a vertical generating method. These methods havebeen defined in a current protocol 3GPP 33.401. The UE generates itsKeNB by using the same algorithm as that used by the MME. When the UEperforms X2 or S1 handover, the eNB transmits a message to the UE, toinform the UE of the NCC used currently by the eNB and indicate the UEto generate a new KeNB. The UE generates the new KeNB according to thehorizontal or vertical generating method. The NCC is used to determinewhich one of the horizontal generating method and the verticalgenerating method is used by the UE. If the NCC is the same as the NCCcorresponding to the KeNB used currently by the UE, the UE uses thehorizontal generating method, and if the NCC is different from the NCCcorresponding to the KeNB used currently by the UE, the UE uses thevertical generating method.

When data synchronization is performed, another input parameter besidesthe KeNB is a COUNT value of 32 bits. The COUNT value includes twosections, a High Frame Number (HFN) and a serial number of Packet DataConvergence Protocol (PDCP). The length of serial number of PDCP isconfigured by a high layer, and the length of HFN is equal to 32 minusthe length of serial number of PDCP.

DISCLOSURE Technical Problem

When the data plane of the UE is provided by the PCell and the SCell,the SCell needs to calculate the COUNT value and use it to encrypt thedata plane, and the UE needs to use the same COUNT value to decrypt thedata plane. And thus, a process of synchronizing the COUNT value betweenthe SCell and the UE is needed, but current protocols do not supportthis process.

Technical Solution

The present application provides several methods for synchronizing aCOUNT value between a SCell and UE. In the case of establishing a RadioBearer (RB) between UE and multiple eNBs, data on these links may beencrypted and decrypted correctly.

A method for synchronizing encryption information between a SCell and UEincludes: transmitting, by the SCell, a COUNT value of RB establishedfor the UE to a PCell; transmitting, by the PCell, the COUNT valuereceived from the SCell to the UE; and receiving, by the PCell, a COUNTvalue of RB that is saved by the UE from the UE.

Preferably, the COUNT value transmitted by the SCell to the PCell, theCOUNT value transmitted by the PCell to the UE and the COUNT valuereceived by the PCell from the UE are highest N bits of the COUNT value,wherein N is a predefined positive integer.

Preferably, the transmitting, by the UE, the COUNT value to the PCellincludes: transmitting, by the UE, the COUNT value of RB indicated bythe PCell to the PCell, or comparing, by the UE, the COUNT value of RBthat is saved by the UE with the COUNT value of RB transmitted by thePCell, and when the COUNT value of RB that is saved by the UE and theCOUNT value of RB transmitted by the PCell are not identical,transmitting, by the UE, the COUNT value of RB that is saved by the UEto the PCell; and/or transmitting, by the UE, the COUNT value of RB thatis saved by the UE but is not contained in the transmission of the PCellto the PCell.

Preferably, the method further includes: checking, by the PCell, whetherthe COUNT value of RB established by the SCell for the UE reaches apredefined threshold.

Preferably, the method further includes: checking, by the PCell, whetherthe COUNT value of RB on the SCell and the COUNT value of RB on the UEare identical.

Preferably, if the COUNT value of RB on the SCell and the COUNT value ofRB on the UE are not identical, the method further includes: releasing,by the PCell, a radio connection of the UE, and transmitting a messageto the SCell to request the SCell to release information of the UE savedby the SCell.

Preferably, if the COUNT value of RB established by the SCell for the UEreaches the predefined threshold, the method further includes:transmitting, by the PCell, a message to the SCell to request to releaseor reconfigure the RB whose COUNT value reaches the predefined thresholdor perform another operation.

Preferably, the method further includes: checking, by the SCell, whetherthe COUNT value of RB established by the SCell for the UE reaches apredefined threshold.

Preferably, the method further includes: transmitting, by the PCell, theCOUNT value received from the UE to the SCell.

Preferably, if the COUNT value of RB on the SCell and the COUNT value ofRB on the UE are not identical, the method further includes:transmitting, by the SCell, a message to the PCell to request to releasea Radio Resource Control (RRC) connection of the UE.

Preferably, if the COUNT value of RB established by the SCell for the UEreaches the predefined threshold, the method further includes:transmitting, by the SCell, a message to the PCell to request to releaseor reconfigure the RB whose COUNT value reaches the predefined thresholdor perform another operation.

Preferably, the SCell periodically transmits the COUNT value to thePCell or transmits the COUNT value to the PCell according to aconfigured threshold.

Preferably, the SCell transmits the COUNT value to the PCell afterreceiving a synchronization checking request message of COUNT value fromthe PCell.

Preferably, the synchronization checking request message of COUNT valuecontains a cell identity of the SCell, and when the synchronizationchecking request message of COUNT value does not contain an identity ofthe RB, transmitting, by the SCell, COUNT values of all RBs establishedby the SCell for the UE to the PCell; and when the synchronizationchecking request message of COUNT value does not contain the cellidentity of the SCell, transmitting, by the SCell, COUNT values of allRBs established in an eNB covering the SCell for the UE to the PCell.

A method for synchronizing encryption information between a SCell and UEincludes: informing, by the SCell, the UE of a COUNT value of RB; andreceiving, by the SCell, a COUNT value of RB from the UE.

Preferably, the COUNT value transmitted by the SCell to the UE and theCOUNT value received by the SCell from the UE are highest N bits of theCOUNT value, wherein N is a predefined positive integer.

Preferably, the transmitting, by the UE, the COUNT value to the SCellincludes: transmitting, by the UE, COUNT values of all RBs to the SCell,or comparing, by the UE, the COUNT value of RB that is saved by the UEwith the COUNT value of RB transmitted by the SCell, and when the COUNTvalue of RB that is saved by the UE and the COUNT value of RBtransmitted by the SCell are not identical, transmitting, by the UE, theCOUNT value of RB that is saved by the UE to the SCell; and/ortransmitting, by the UE, the COUNT value of RB that is saved by the UEbut is not contained in the transmitting of the SCell to the SCell.

Preferably, the method further includes: initiating, by the SCell, aSCell RB reconfiguring or releasing request to a PCell, to request toreconfigure or release any RB; or, initiating, by the SCell, a RRCconnection releasing request to the PCell.

As can be seen from the above solution of the present application, bythe methods for synchronizing the COUNT value between the SCell and theUE, the UE may decrypt the data transmitted by the SCell, and the SCellmay also correctly decrypt the data transmitted by the UE, therebyensuring the security and correctness of data. By the methods of thepresent application, the data of SCell is transmitted after beingencrypted, thereby ensuring the security of data.

DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic diagram illustrating the structure of a SAE.

FIG. 2 is a schematic diagram illustrating cross-eNB CA.

FIG. 3 is a flowchart illustrating a first method of the presentapplication.

FIG. 4 is a flowchart illustrating a method according to a first exampleof the present application.

FIG. 5 is a flowchart illustrating a method according to a secondexample of the present application.

FIG. 6 is a flowchart illustrating a method according to a third exampleof the present application.

FIG. 7 is a flowchart illustrating a second method of the presentapplication.

FIG. 8 is a flowchart illustrating a method according to a fourthexample of the present application.

BEST MODE

In order to make the object, technical solution and merits of thepresent application clearer, the present application will be illustratedin detail hereinafter with reference to the accompanying drawings.

The present application provides two methods for synchronizingencryption information between a SCell and UE. In one method, theencryption information is transmitted between the SCell and the UEthrough a PCell, and in the other method, the encryption information isdirectly transmitted between the SCell and the UE, so as to synchronizethe encryption information.

FIG. 3 illustrates a method for synchronizing encryption informationbetween the SCell and the UE through the PCell, i.e., a first method forsynchronizing the encryption information provided by the presentapplication. As shown in FIG. 3, the method includes following blocks.

In block 301, the PCell obtains a COUNT value of RB on the SCell.

The PCell may obtain COUNT values of multiple RBs on the SCell. ThePCell may obtain the COUNT value of RB through a periodical report ofthe SCell, or the SCell reports the COUNT value of RB according to aconfigured threshold, or the PCell actively requests the SCell to reportthe COUNT value of RB on the SCell.

In block 302, the PCell informs the UE of the COUNT value of RB on theSCell, and receives a response message from the UE.

And thus, the PCell has obtained the COUNT value of RB on the SCell andthe COUNT value of RB on the UE. When the COUNT value of RB on the SCelland the COUNT value of RB on the UE are not synchronous, the PCell mayinitiate an operation. Or, the PCell may transmit a synchronizationchecking response message returned by the UE to the SCell. In this way,the SCell obtains the COUNT value of RB on the SCell and the COUNT valueof RB on the UE, and when the COUNT value of RB on the SCell and theCOUNT value of RB on the UE are not synchronous, the SCell may initiatean operation.

Detailedly, after the PCell obtains the above information, the PCellchecks whether the COUNT value of RB reaches a predefined threshold; ifyes, the PCell decides how to process the RB. There are multiple methodsfor processing the RB. For example, the PCell releases or reconfiguresthe RB established on the SCell, or the PCell transmits a message to theSCell to make the SCell perform an intracell handover process. The PCellalso checks whether the COUNT value of RB on the SCell and the COUNTvalue of RB on the UE are identical; if no, the PCell releases the radioconnection of the UE and the information of the UE on the SCell, orreports this case to an operation and maintenance node.

After the PCell obtains the above information, the SCell checks whetherthe COUNT value of RB reaches the predefined threshold. The method mayfurther include that, the PCell transmits the response message of the UEto the SCell. According to the method, the SCell checks whether theCOUNT value of RB reaches the predefined threshold; if yes, the SCelldecides how to process the RB. There are multiple methods for processingthe RB. For example, the SCell initiates a releasing process of the RB.The SCell also checks whether the COUNT value of RB on the SCell and theCOUNT value of RB on the UE are identical; if no, the method furtherincludes that the SCell initiates a releasing process of radioconnection of the UE, and the PCell releases the radio connection of theUE and the information of the UE on the SCell, or reports this case tothe operation and maintenance node.

The first method is illustrated hereinafter with reference to threeexamples.

A first example describes a process of synchronizing the COUNT valuebetween the SCell and the UE through the PCell. In this example, theSCell actively transmits the COUNT value to the PCell. The PCell checkswhether the synchronization information of the UE and thesynchronization information of the network are identical and whether theCOUNT value reaches the predefined threshold. FIG. 4 is a flowchartillustrating a method according to the first example of the presentapplication. As shown in FIG. 4, the method includes following blocks.

In block 401, the PCell transmits a SCell establishing request messageto the SCell, and requests an eNB covering the SCell to establish a newRB for the UE.

The PCell decides to establish a new SCell for the UE. The PCell makesthe decision based on different reasons. A first reason is because theload of the PCell is large and the SCell may transmit data of the UE, soas to share the load the PCell. A second reason is because the MMErequests the PCell to establish a new RB and the PCell decides toestablish the new RB in the SCell. The SCell is selected based on thechannel quality of the cell detected by the UE, and the UE reports thedetected channel quality to the PCell through a measurement report. Thenew SCell and the PCell are covered by different eNBs. Suppose the newSCell is covered by eNB 2.

The serving cell of the UE decides to establish a radio access bearer onthe SCell, and eNB 1 may select the SCell according to radio signalquality.

Suppose the SCell is covered by the eNB 2, and the eNB 1 transmits amessage to the eNB 2. The name of the message may be another name. Themessage contains an identity of destination cell, an X2 interfaceidentity of the UE, and information of to-be-established LTE E-UTRANRadio Access Bearer (E-RAB). The information of to-be-established LTEE-RAB contains a Bearer Id and QoS information of the E-RAB, and atransport layer address and tunnel port identity of serving gateway (orthe eNB 1) receiving uplink data.

In block 402, the SCell transmits a SCell establishing response messageto the PCell.

The eNB 2 confirms that the SCell is established successfully, andtransmits a message to the eNB 1. The SCell establishing responsemessage contains information of the SCell that is covered newly by theeNB 2, and a transport layer address and tunnel port identity forreceiving downlink data.

The information of cell may contain a Physical Cell Identity (PCI), cellidentity, Public Land Mobile Network (PLMN) identity, uplink anddownlink frequency and bandwidth of the cell, and further contains thenumber of antenna ports, information of Multicast Broadcast SingleFrequency Network (MBSFN) subframe, and the configuration of PhysicalRandom Access Channel (PRACH). The information of cell further containsthe general configuration of Physical Downlink Shared Channel (PDSCH) ofthe cell, such as the reference signal power of the PDSCH and P-B. Theinformation of the serving cell further contains the configuration ofPhysical Hybrid ARQ Indicator Channel (PHICH), such as informationindicating that the duration of the PHICH is normal or extended, andresources of the PHICH.

In block 403, the SCell transmits a synchronization checking message tothe PCell.

The SCell may periodically transmit the synchronization checkingmessage, or transmit the synchronization checking message according to aconfigured threshold. The synchronization checking message contains acell identity of the SCell, a Bearer Id of the RB and an uplink COUNTvalue and/or downlink COUNT value of the RB. Only several highest bitsof the COUNT value are contained when a COUNT state is transmitted. Forexample, highest 25 bits of the COUNT value are contained, or all bitsof the COUNT value are contained.

In block 404, the PCell transmits the synchronization checking messageto the UE.

The synchronization checking message contains the Bearer Id of the RBand the uplink COUNT value and/or downlink COUNT value of RB. Onlyseveral highest bits of the COUNT value may be contained. For example,highest 25 bits of the COUNT value are contained, or all bits of theCOUNT value are contained.

In block 405, the UE transmits a synchronization checking responsemessage to the PCell.

The UE also saves the COUNT value of RB, checks whether the saved COUNTvalue and the COUNT value described in block 404 are identical, andtransmits a checking result through a response message.

The response message may be implemented through different methods. Forexample, the response message contains the Bearer Id of the RB, and theuplink COUNT value and/or downlink COUNT value of RB. The RB containedin the response message is the RB described in block 404. Only severalhighest bits of the COUNT value may be contained when a COUNT state istransmitted. For example, highest 25 bits of the COUNT value arecontained, or all bits of the COUNT value are contained.

Or, when the COUNT value saved by the UE and the COUNT value describedin block 404 are identical, the response message does not contain theinformation of the RB. If the COUNT value saved by the UE and the COUNTvalue described in block 404 are not identical, the response messagecontains the information of the RB. Cases that the COUNT value saved bythe UE and the COUNT value described in block 404 are not identicalinclude that:

(1) the RB has been established, but the RB is not contained in thesynchronization checking message in block 404;

(2) the RB has been established and the RB is contained in thesynchronization checking message in block 404, but the uplink and/ordownlink COUNT value of the RB saved by the UE is not identical to theCOUNT value indicated by the synchronization checking message in block404;

(3) other instances.

In this example, the PCell checks whether the synchronizationinformation of the UE and the synchronization information of the networkare identical and whether the COUNT value reaches the predefinedthreshold. If the COUNT value of a certain RB reaches the predefinedthreshold, following blocks is performed.

In block 406, the PCell transmits a RB releasing request message, oranother process is performed, for example, the PCell transmits a SCellreconfiguring request message, or a message for making the SCell performintracell handover.

In block 407, the SCell transmits a response message to the PCell.

If the PCell detects that the COUNT value on the UE is not identical tothe COUNT value saved by the SCell, following blocks are performed.

In block 408, the PCell initiates a RRC connection releasing process.The PCell transmits a RRC connection releasing request message to the UEto initiate the RRC connection releasing process. Afterwards, the UEtransmits a response message to confirm that the RRC connectionreleasing process is completed. This process is the same as a currentdefined process and is omitted herein.

In block 409, the PCell releases the information of the UE saved on theSCell. The PCell transmits a UE information releasing request message tothe SCell. The UE information releasing request message contains anidentity of the UE, and may further contain a releasing reason. Theidentity of the UE may be an X2 interface identity of the UE, or aunique identity of the UE, or any identity that can uniquely identifythe UE in the SCell.

In block 410, the SCell transmits a response message to confirm that theinformation of the UE is released.

And thus, the process described in the first example ends.

A second example describes a process of synchronizing the COUNT valuebetween the SCell and the UE through the PCell. In this example, theSCell actively transmits the COUNT value to the PCell. The SCell checkswhether the synchronization information of the UE and thesynchronization information of the network are identical and whether theCOUNT value reaches the predefined threshold. FIG. 5 is a flowchartillustrating a method according to a second example of the presentapplication. As shown in FIG. 5, the method includes following blocks.

Blocks 501 to 505 are the same as blocks 401 to 405 respectively and areomitted herein.

In this example, the SCell checks whether the synchronizationinformation of the UE and the synchronization information of the networkare identical and whether the COUNT value reaches the predefinedthreshold. If the COUNT value reaches the predefined value, in block506, the PCell transmits a synchronization checking response message tothe SCell. The synchronization checking response message contains theinformation described in block 405.

In block 507, the SCell may check whether the COUNT value reaches thepredefined threshold; if yes, the SCell determines that the COUNT valueis close to an overflow state, and transmits a RB releasing indicationmessage. The name of the RB releasing indication message may be anothername, and the RB releasing indication message contains a Bearer Id, andmay further contain a releasing reason.

In block 508, the PCell transmits a RB releasing request message, oranother process is performed, for example, the PCell transmits a SCellreconfiguring request message, or a message for making the SCell performintracell handover.

In block 509, the SCell transmits a response message to the PCell.

If the COUNT value on the UE and the COUNT value on the SCell are notidentical, in block 510, the SCell transmits a radio connectionreleasing indication message to the PCell. The name of the radioconnection releasing indication message may be another name. The radioconnection releasing indication message contains the identity of the UE,and may further contain a releasing reason. The identity of the UE maybe an X2 interface identity of the UE, or a unique identity of the UE,or any identity that can uniquely identify the UE in the SCell.

Blocks 511 to 513 are the same as blocks 408 to 410 respectively and areomitted herein.

And thus, the process described in the second example ends.

A third example describes a process of synchronizing the COUNT valuebetween the SCell and the UE through the PCell. In this example, theSCell transmits the COUNT value to the PCell after being initiated bythe PCell. In the third example, blocks following block 604 may beimplemented through two methods which respectively correspond the blocksfollowing block 403 in the first example and the blocks following block503 in the second example. That is, the PCell or the SCell checkswhether the synchronization information of the UE and thesynchronization information of the network are identical and whether theCOUNT value reaches the predefined threshold. The third example onlydescribes some blocks different from the first example and the secondexample. FIG. 6 is a flowchart illustrating a method for synchronizingthe COUNT value according to the third example. As shown in FIG. 6, themethod includes following blocks.

Blocks 601 and 602 are the same as blocks 401 and 402 respectively andare omitted herein.

In block 603, the PCell transmits a synchronization checking requestmessage to the SCell.

The synchronization checking request message contains the X2 interfaceidentity of the UE, may further contain the cell identity of the SCell,and may further contain the Bearer Id. If the synchronization checkingrequest message does not contain the Bearer Id, the SCell needs toreport COUNT states of all RBs established on the SCell to the PCell. Ifthe synchronization checking request message does not the cell identityof the SCell, the SCell needs to report the COUNT states of all RBsestablished on an eNB covering the SCell to the PCell.

In block 604, the SCell transmits a synchronization checking message tothe PCell.

The synchronization checking message contains the Bearer Id of the RBand an uplink COUNT value and/or downlink COUNT value of RB. Onlyseveral highest bits of the COUNT value are contained when a COUNT stateis transmitted. For example, highest 25 bits of the COUNT value arecontained, or all bits of the COUNT value are contained.

Blocks 605 and 605 are the same as blocks 404 and 405 respectively andare omitted herein.

Afterwards, if the PCell checks whether the synchronization informationof the UE and the synchronization information of the network areidentical and whether the COUNT value reaches the predefined value,blocks following block 606 are the same as blocks 406, 407, 408, 409 and410 respectively and are omitted herein.

If the SCell checks whether the synchronization information of the UEand the synchronization information of the network are identical andwhether the COUNT value reaches the predefined value, blocks followingblock 606 are the same as blocks 506, 507, 508, 509, 510, 511, 512 and513 respectively and are omitted herein.

And thus, the process described in the third example ends.

FIG. 7 describes a method for directly synchronizing the COUNT valuebetween the SCell and the UE, i.e., a second method provided by thepresent application. The SCell checks whether the COUNT value overflows.When the COUNT value meets a predefined overflowing condition, the SCellinforms the PCell of an overflow state, and the PCell may release the RBor reconfigure the RB to prevent from repeatedly use ofing the COUNTvalue of the RB. As shown in FIG. 7, the method includes: followingblocks.

In block 701, the SCell informs the UE of the COUNT value of RB, andreceives a response message from the UE.

In block 702, the SCell requests the PCell to release the RB.

The fourth example describes a process of synchronizing the COUNT valuebetween the SCell and the UE. The method shown in FIG. 8 includesfollowing blocks.

In block 801, the PCell transmits a SCell establishing request messageto the SCell, and requests the eNB covering the SCell to establish a newRB for the UE. This block is the same as block 401 and is notillustrated herein.

In block 802, the SCell transmits a SCell establishing response messageto the PCell. This block is the same as block 402 and is not illustratedherein.

In block 803, the SCell transmits a synchronization checking message tothe UE.

The synchronization checking message contains the Bearer Id of the RBand the uplink COUNT value and/or downlink COUNT value of RB. Onlyseveral highest bits of the COUNT value may be contained when the COUNTvalue is transmitted. For example, highest 25 bits of the COUNT valueare contained.

In block 804, the UE transmits a synchronization checking responsemessage to the SCell.

The UE also saves the COUNT value of RB, checks whether the saved COUNTvalue and the COUNT value described in block 803 are identical, andtransmits a checking result through a response message.

The response message may be implemented through different methods.

For example, the response message contains the Bearer Id of the RB, andthe uplink COUNT value and/or downlink COUNT value of RB. Only severalhighest bits of the COUNT value may be contained. For example, highest25 bits of the COUNT value are contained.

Or, when the COUNT value saved by the UE and the COUNT value describedin block 803 are identical, the response message does not contain theinformation of the RB. If the COUNT value saved by the UE and the COUNTvalue described in block 803 are not identical, the response messagecontains the information of the RB. Cases that the COUNT value saved bythe UE and the COUNT value described in block 803 are not identicalinclude that:

(1) the RB has been established, but the RB is not contained in thesynchronization checking message in block 803;

(2) the RB has been established and the RB is contained in thesynchronization checking message in block 803, but the uplink and/ordownlink COUNT value of the RB saved by the UE is not identical to theCOUNT value indicated by the synchronization checking message in block803;

(3) other instances.

In block 805, the SCell checks whether the COUNT value reaches thepredefined threshold; if yes, the SCell determines that the COUNT valueis close to an overflow state, and transmits a RB releasing requestmessage. The RB releasing request message contains a Bearer Id, and mayfurther contain a releasing reason.

In block 806, the PCell transmits a RB releasing request message to theSCell. The RB releasing request message contains a Bearer Id, and mayfurther contain a releasing reason.

Block 806 may be replaced with another process, for example, the PCelltransmits a SCell reconfiguring request message.

In block 807, the SCell performs corresponding configuration accordingto the message in block 806, and transmits a response message to thePCell.

In block 808, the SCell checks whether the synchronization informationof the UE and the synchronization information of the network areidentical, if the COUNT value on the UE and the COUNT value on the SCellare not identical, the SCell transmits a radio connection releasingindication message. The name of the radio connection releasingindication message may be another name. The radio connection releasingindication message contains the identity of the UE, and may furthercontain a releasing reason. The identity of the UE may be an X2interface identity of the UE, or a unique identity of the UE, or anyidentity that can uniquely identify the UE in the SCell.

Blocks 809 to 811 are the same as blocks 408 to 410 respectively and areomitted herein.

And thus, the process described in the fourth example ends.

As can be seen from the above solution of the present application, bythe methods for synchronizing the COUNT value between the SCell and theUE, the UE may decrypt the data transmitted by the SCell, and the SCellmay also correctly decrypt the data transmitted by the UE, therebyensuring the security and correctness of data. By the methods of thepresent application, the data of SCell is transmitted after beingencrypted, thereby ensuring the security and correctness of data.

The foregoing is only preferred examples of the present application andis not used to limit the protection scope of the present application.Any modification, equivalent substitution and improvement withoutdeparting from the spirit and principle of the present application arewithin the protection scope of the present application.

What is claimed is:
 1. A method by a first base station in a wirelesscommunication system, the method comprising: receiving, from a secondbase station, a first message including a first count value associatedwith a radio bearer established for a terminal; transmitting, to theterminal, a second message including the first count value received fromthe second base station; receiving, from the terminal, a responsemessage in response to the second message, the response messageincluding a second count value associated with the radio bearer; andperforming further action based on the first count value and the secondcount value.
 2. The method of claim 1, wherein the further actioncomprises: transmitting, to the terminal, a third message for releasinga radio connection between the terminal and the second base station. 3.The method of claim 1, wherein the further action comprises:transmitting, to the second base station, a fourth message to release aresource of the terminal.
 4. The method of claim 1, wherein the secondcount value is not identical to the first count value included in thesecond message.
 5. The method of claim 1, further comprising:determining whether the first count value reaches a predefinedthreshold; and transmitting, to the second base station, a fifth messageto request to release the first count value, reconfigure the first countvalue or perform another operation, if the first count value reaches thepredefined threshold.
 6. The method of claim 2, further comprising:determining whether the first count value and the second count value areidentical; and releasing the radio connection and transmitting a sixthmessage, to the second base station, to request the second base stationfor releasing information of the terminal saved by the second basestation, if the first count value and the second count value are notidentical.
 7. The method of claim 1, further comprising: transmitting,to the second base station, the second count value received from theterminal.
 8. The method of claim 6, further comprising: requesting torelease a radio resource control connection of the terminal, if thefirst count value and the second count value are not identical.
 9. Themethod of claim 5, further comprising: receiving, from the second basestation, a seventh message to request to release the first count value,reconfigure the first count value, or perform another operation, if thefirst count value reaches the predefined threshold.
 10. The method ofclaim 1, wherein the first message is periodically transmitted by thesecond base station or the first message is transmitted by the secondbase station according to a configured threshold.
 11. The method ofclaim 1, wherein the first base station receives the first count valuefrom the second base station after transmitting, to the second basestation, a eighth message of the first count value.
 12. The method ofclaim 11, wherein the eighth message of the first count value comprisesa cell identity of the second base station, and wherein the methodfurther comprises: receiving, from the second base station, count valuesof all radio bearers established by the second base station for theterminal, if the eighth message of the first count value does notcomprise an identity of the radio bearer established for the terminal.13. An apparatus of a first base station for in a wireless communicationsystem, the apparatus comprising: a transceiver; and a controllercoupled with the transceiver and configured to control to: receive, froma second base station, a first message including a first count valueassociated with a radio bearer established for a terminal, transmit, tothe terminal, a second message including the first count value receivedfrom the second base station, receive, from the terminal, a responsemessage in response to the second message, the response messageincluding a second count value associated with the radio bearer, andperform further action based on the first count value and the secondcount value.
 14. The apparatus of claim 13, wherein the further actioncomprises: transmit, to the terminal, a third message for releasing aradio connection between the terminal and the second base station. 15.The apparatus of claim 13, wherein the further action comprises:transmit, to the second base station, a fourth message to release aresource of the terminal.
 16. The apparatus of claim 13, wherein thesecond count value is not identical to the first count value included inthe second message.
 17. The apparatus of claim 13, wherein thecontroller is further configured to: determine whether the first countvalue reaches a predefined threshold, and transmit, to the second basestation, a fifth message to request to release the first count value,reconfigure the first count value, or perform another operation, if thefirst count value reaches the predefined threshold.
 18. The apparatus ofclaim 14, wherein the controller is further configured to: determinewhether the first count value and the second count value are identical,and release the radio connection and transmit a sixth message, to thesecond base station, to request the second base station for releasinginformation of the terminal saved by the second base station, if thefirst count value and the second count value are not identical.
 19. Theapparatus of claim 13, wherein the controller is further configured to:transmit, to the second base station, the second count value.
 20. Theapparatus of claim 18, wherein the controller is further configured to:request to release a radio resource control connection of the terminalif the first count value and the second count value are not identical.21. The apparatus of claim 17, wherein the controller is furtherconfigured to: receive, from the second base station, a seventh messageto request to release the first count value, reconfigure the first countvalue, or perform another operation, if the first count value reachesthe predefined threshold.
 22. The apparatus of claim 13, wherein thefirst message is periodically transmitted by the second base station orthe first message is transmitted by the second base station based on aconfigured threshold.
 23. The apparatus of claim 13, wherein thecontroller is further configured to: receive the first count value fromthe second base station after transmitting, to the second base station,a eighth message of the first count value.
 24. The apparatus of claim23, wherein the eighth message of the first count value comprises a cellidentity of the second base station, and wherein, if the eighth messageof the first count value does not comprise an identity of the radiobearer established for the terminal, the controller is furtherconfigured to: receive, from the second base station, count values ofall radio bearers established by the second base station for theterminal.